pfSense 2 Cookbook

This book is unique in its coverage of all the features of pfSense, empowering you to exploit the firewall’s full potential. With clear instructions and detailed screenshots, it helps you configure even the most advanced features.

Matt Williamson, March 2011

Full of illustrations, diagrams, and tips for making the most of any pfSense implementation, with clear step-by-step instructions for relevant and practical examples.

Who This Book Is For

This book is intended for all levels of network administrators. If you are an advanced user of pfSense, then you can flip to a particular recipe and quickly accomplish the task at hand, while if you are new to pfSense, you can read chapter by chapter and learn all of the features of the system from the ground up.

Table of Contents

Chapter 1: Initial Configuration

Introduction

Applying basic settings in General Setup

Identifying and assigning interfaces

Configuring the WAN interface

Configuring the LAN interface

Configuring optional interfaces

Enabling the Secure Shell (SSH)

Generating authorized RSA keys

Configuring SSH RSA key authentication

Accessing the Secure Shell (SSH)

Chapter 2: Essential Services

Introduction

Configuring the DHCP server

Creating static DHCP mappings

Configuring the DHCP relay

Specifying alternate DNS servers

Configuring the DNS Forwarder

Configuring a standalone DHCP/DNS server

Configuring dynamic DNS

Chapter 3: General Configuration

Introduction

Creating an alias

Creating a NAT port forward rule

Creating a firewall rule

Creating a schedule

Remote desktop access, a complete example

Chapter 4: Virtual Private Networking

Introduction

Creating an IPsec VPN tunnel

Configuring the L2TP VPN service

Chapter 5: Advanced Configuration

Introduction

Creating a virtual IP

Configuring a 1:1 NAT rule

Creating an outbound NAT rule

Creating a gateway

Creating a static route

Configuring traffic-shaping (QoS, Quality of Service)

Bridging interfaces

Creating a virtual LAN

Creating a captive portal

Chapter 6: Redundancy, Load Balancing, and Failover

Introduction

Configuring multiple WAN interfaces

Configuring multi-WAN load balancing

Configuring multi-WAN failover

Configuring a web server load balancer

Configuring a web server failover

Configuring CARP firewall failover

Chapter 7: Services and Maintenance

Introduction

Enabling OLSR

Enabling PPPoE

Enabling RIP

Enabling SNMP

Enabling UPnP and NAT-PMP

Enabling OpenNTPD

Enabling Wake On LAN (WOL)

Enabling external logging (syslog server)

Using ping

Using traceroute

Backing up the configuration file

Restoring the configuration file

Configuring automatic configuration file backup

Updating pfSense firmware

What You Will Learn

Determine your deployment scenario, hardware/throughput/interface requirements, form-factor, and which platform version of pfSense is right for you

Monitor and view all sorts of system and feature statuses/logs using RRD graphs and status monitoring tools

In Detail

pfSense is an open source, FreeBSD-based firewall distribution that provides a platform for flexible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important, compared to other offerings. Through this book you will see that pfSense offers numerous alternatives to fit any environment's security needs.

pfSense 2.0 Cookbook is the first and only book to explore all the features of pfSense, including those released in the latest 2.0 version. With the help of step-by-step instructions and detailed screenshots of the pfSense interface you will be able to configure every general and advanced feature from creating a firewall rule to configuring multi-WAN failover. Each recipe includes tips and offers advice on variations of the topic or references to other related recipes and additional information that can be found from other sources.

pfSense 2.0 Cookbook covers the gamut of available features and functionality. The first three chapters will take you from a non-existent system to a basic pfSense firewall. The next chapter focuses on configuring any number of the VPN services available, a very important and sought-after feature for anyone implementing a firewall. The following two chapters describe how to configure the most advanced features available in pfSense, features that may only be relevant to the most experienced network admins. Chapter 7 is dedicated to understanding and configuring the "grab-bag" of features that are available in pfSense but are often stand-alone options, unrelated to each other. The first appendix explains how to use the status monitoring tools available for many of the features. The second appendix wraps up by helping you decide how and where pfSense may be incorporated into your system and what type of hardware is required based on your throughput needs.

Authors

Matt Williamson

Matt Williamson is the founder of Blue Key Consulting – a computer systems design and development firm located in the New York City area. Before forming his consulting business, Matt developed software for a number of companies in the insurance and financial research industries. A long-time user of pfSense, Matt has incorporated pfSense in a number of roles throughout a variety of his own systems and those of his clients. His personal website and blog can be found at http://www.bunkerhollow.com.
